Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
badkeys vulnerable to ASCII control character injection on console via malformed input
Apache HTTP Server: CGI environment variable override
Soft Serve does not sanitize ANSI escape sequences in user input
Apache Tomcat: console manipulation via escape sequences in log messages
Tracing logging user input may result in poisoning logs with ANSI escape sequences
Active Record logging vulnerable to ANSI escape injection
Apache HTTP Server: mod_ssl error log variable escaping
Gardener vulnerable to metadata injection for a project secret that can lead to privilege escalation
In netstat in BusyBox through 1
gurk (aka gurk-rs) through 0
IBM MQ code execution
MongoDB Shell may be susceptible to control character Injection via shell output
MongoDB Shell may be susceptible to control character injection via pasting
Crayfish allows Remote Code Execution via Homarus Authorization header
The sideband payload is passed unfiltered to the terminal in git
Git does not sanitize URLs when asking for credentials interactively
Newline confusion in credential helpers can lead to credential exfiltration in git
HTML templates containing Javascript template strings are subject to XSS in jte
Python-sql: python-sql unary operators does not escape non-expression
Jinja has a sandbox breakout through malicious filenames
Showing 1 - 20 of 1,000+ results